MCP Secrets
A secure secrets management server that enables LLMs to execute CLI commands using injected credentials while protecting sensitive data through output redaction and user-approved session permissions. It features an encrypted vault, secret capture from command outputs, and a macOS menu bar app for native notifications and dialogs.
Claude Secrets
A secure secrets management plugin for Claude Code and MCP clients. Enables AI assistants to safely handle credentials with user approval, automatic redaction, and secret capture from command output.
Features
- Secret Injection - Use {{SECRET_NAME}} placeholders in commands to inject secrets
- Session-Based Permissions - User approves secret access per-session with time-based expiry
- Output Redaction - Automatically redacts known secrets and common patterns from output
- Secret Capture - Extract secrets from command output (e.g., AWS session tokens) and store for future use
- LLM-Friendly Metadata - Descriptions help future LLMs discover and use the right secrets
- macOS Menu Bar App - Native notifications and dialogs for secret requests
- Encrypted Vault - Secrets stored with Fernet encryption
Installation
One-Line Install (Recommended)
curl -sSL https://raw.githubusercontent.com/henghonglee/claude-secrets/main/install.sh | bash
This automatically:
- Installs the package via pipx
- Creates the encrypted vault
- Installs the Claude Code plugin
- Starts the menu bar app
- Enables auto-start on login
Manual Installation
pipx install git+https://github.com/henghonglee/claude-secrets.git
ccs init
From Source
git clone https://github.com/henghonglee/claude-secrets.git
cd claude-secrets
pip install -e .
ccs init
Quick Start
# Initialize vault + start menubar + enable auto-start on login
ccs init
# Add a secret with description (helps LLMs understand what it's for)
ccs add AWS_ACCESS_KEY
# Check status
ccs status
The init command automatically:
- Creates the encrypted vault
- Installs the Claude Code plugin (via marketplace)
- Starts the menu bar app
- Enables auto-start on login (macOS)
Plugin-Only Install (if claude-secrets is already installed)
claude plugin marketplace add henghonglee/claude-secrets
claude plugin install claude-secrets@henghonglee-claude-secrets
Claude Code Commands
When installed as a plugin:
| Command | Description |
|---|---|
| /claude-secrets:list | List all available secrets |
| /claude-secrets:add [NAME] | Add a new secret |
| /claude-secrets:run <command> | Run a command with secret injection |
MCP Configuration (Non-Plugin)
For Claude Desktop or other MCP clients, add to your configuration:
{
  "mcpServers": {
    "secrets": {
      "command": "ccs",
      "args": ["serve"]
    }
  }
}
MCP Tools
run_command
Execute a CLI command with secret injection and output redaction.
{
  "command": "aws s3 ls --profile {{AWS_PROFILE}}",
  "timeout": 60,
  "capture": [
    {
      "path": "$.Credentials.SecretAccessKey",
      "name": "AWS_SESSION_SECRET",
      "description": "Temporary AWS secret key from STS. Use with AWS_SESSION_KEY_ID and AWS_SESSION_TOKEN.",
      "expires_at": "2024-01-24T12:00:00Z"
    }
  ]
}
Parameters:
- command - Command with {{SECRET_NAME}} placeholders
- timeout - Timeout in seconds (default: 60)
- capture - Extract secrets from JSON output:
  - path - JSONPath expression (e.g., $.Credentials.SecretAccessKey)
  - name - Name for the captured secret
  - description - LLM-friendly description
  - expires_at - ISO 8601 expiration timestamp
- redact_patterns - Additional regex patterns to redact
- skip_builtin_patterns - Skip built-in redaction patterns
list_secrets
List available secrets with their descriptions.
{
  "tag": "aws"
}
Returns:
{
  "secrets": [
    {
      "name": "AWS_ACCESS_KEY",
      "description": "AWS access key for production account",
      "expires_at": null
    }
  ]
}
request_secret
Request the user to add a missing secret via the menu bar app.
{
  "name": "GITHUB_TOKEN",
  "description": "Personal access token for GitHub API. Needs repo and workflow scopes."
}
The menu bar app will show a native macOS dialog prompting the user to enter the secret value.
get_permissions
Get current session permission status for secrets.
How It Works
- Client LLM calls list_secrets to discover available secrets
- LLM constructs command with {{SECRET_NAME}} placeholders
- User approves secret access when prompted (cached for session)
- Server injects secrets and executes command
- Output is redacted before returning to LLM
- Captured secrets are stored with LLM-provided descriptions for future use
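The flow above as an added example (not the project's own code): placeholders are filled only for approved secrets, the command runs without a shell, captured values are stored, and output is redacted before it is returned. The function names, the in-memory dict standing in for the vault, and the dotted-path resolver (plain object keys only, standing in for JSONPath) are assumptions; the sample values are constructed.

```python
import json
import re
import shlex
import subprocess

PLACEHOLDER = re.compile(r"\{\{([A-Z0-9_]+)\}\}")

def inject(template, vault, approved):
    """Return argv with placeholders filled; refuse unknown or unapproved secrets."""
    def fill(match):
        name = match.group(1)
        if name not in vault:
            raise KeyError(f"unknown secret: {name}")
        if name not in approved:
            raise PermissionError(f"secret not approved for this session: {name}")
        return vault[name]
    # Tokenize BEFORE substitution so a secret value containing spaces or
    # shell metacharacters stays inside a single argument.
    return [PLACEHOLDER.sub(fill, arg) for arg in shlex.split(template)]

def redact(text, vault):
    """Replace known secret values, longest first so a shorter secret that is
    a prefix of a longer one does not leave the remainder visible."""
    for name, value in sorted(vault.items(), key=lambda kv: -len(kv[1])):
        if value:
            text = text.replace(value, f"[REDACTED:{name}]")
    return text

def capture(output, path, name, vault):
    """Resolve a dotted path such as $.Credentials.SecretAccessKey and store it."""
    node = json.loads(output)
    for key in path.removeprefix("$.").split("."):
        node = node[key]
    vault[name] = str(node)

def run_command(template, vault, approved, captures=()):
    argv = inject(template, vault, approved)
    proc = subprocess.run(argv, capture_output=True, text=True, timeout=60)
    for path, name in captures:
        capture(proc.stdout, path, name, vault)
    # Redact after capture so newly stored values are scrubbed too.
    return redact(proc.stdout + proc.stderr, vault)

if __name__ == "__main__":
    vault = {"API_TOKEN": "tok-constructed-1234 ; id"}  # constructed value
    print(run_command("echo {{API_TOKEN}}", vault, {"API_TOKEN"}))
    sts = 'echo \'{"Credentials": {"SecretAccessKey": "constructed-sts-secret"}}\''
    print(run_command(sts, vault, set(),
                      [("$.Credentials.SecretAccessKey", "AWS_SESSION_SECRET")]))
```
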
Menu Bar App (macOS)
The menu bar app provides:
- Server status indicator
- List of stored secrets with expiry times
- Native dialogs for secret requests
- Notifications when secrets are captured or expiring
Start with:
claude-secrets-menubar
Security Model
- Encrypted storage - Vault encrypted with Fernet (AES-128-CBC)
- Permission prompts - User must approve each secret's use
- Session expiry - Permissions auto-expire (default: 1 hour)
- Output redaction - Secrets automatically removed from command output
- Audit logging - All secret access logged to ~/.claude-secrets/audit.log
Uninstalling
One-Line Uninstall
curl -sSL https://raw.githubusercontent.com/henghonglee/claude-secrets/main/uninstall.sh | bash
Manual Uninstall
ccs uninstall # Stops menubar, removes plugin, keeps secrets
pipx uninstall claude-secrets
Delete Everything (including secrets)
ccs uninstall --delete-vault
pipx uninstall claude-secrets
Your secrets are preserved by default in ~/.claude-secrets/ so you can reinstall later without losing them.
Plugin Structure
claude-secrets/
├── .claude-plugin/
│   ├── plugin.json          # Plugin manifest
│   └── marketplace.json     # Marketplace manifest (for plugin distribution)
├── .mcp.json                # MCP server configuration
├── skills/
│   └── secrets/
│       └── SKILL.md         # Teaches Claude when/how to use secrets
├── commands/
│   ├── list.md              # /claude-secrets:list command
│   ├── add.md               # /claude-secrets:add command
│   └── run.md               # /claude-secrets:run command
└── src/
    └── claude_secrets/      # Python package
Configuration
Configuration stored at ~/.claude-secrets/config.json:
{
  "session_timeout": 3600
}
Set values with:
ccs config set session_timeout 7200
Development
# Install dev dependencies
pip install -e ".[dev]"
# Run tests
pytest
# Run with coverage
pytest --cov=claude_secrets
# Test plugin locally
claude --plugin-dir ./
License
MIT